create-backlist 6.0.2 → 6.0.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "create-backlist",
-  "version": "6.0.2",
+  "version": "6.0.4",
   "description": "An advanced, multi-language backend generator based on frontend analysis.",
   "type": "commonjs",
   "bin": {

package/src/analyzer.js

@@ -1,68 +1,149 @@
-const fs = require('fs-extra');
-const { glob } = require('glob');
-const parser = require('@babel/parser');
-const traverse = require('@babel/traverse').default;
-
-/**
- * Convert segment -> ControllerName (Users -> Users, user-orders -> UserOrders)
- */
+/* eslint-disable @typescript-eslint/no-var-requires */
+const fs = require("fs-extra");
+const path = require("path");
+const { glob } = require("glob");
+
+const parser = require("@babel/parser");
+const traverse = require("@babel/traverse").default;
+
+const HTTP_METHODS = new Set(["get", "post", "put", "patch", "delete"]);
+
+// -------------------------
+// Small utils
+// -------------------------
+function normalizeSlashes(p) {
+  return String(p || "").replace(/\\/g, "/");
+}
+
+function readJSONSafe(p) {
+  try {
+    return fs.readJsonSync(p);
+  } catch {
+    return null;
+  }
+}
+
+// -------------------------
+// AUTH detection (for addAuth)
+// -------------------------
+function findAuthUsageInRepo(rootDir) {
+  // 1) package.json quick check
+  const pkgPath = path.join(rootDir, "package.json");
+  const pkg = readJSONSafe(pkgPath) || {};
+  const deps = { ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) };
+
+  const authDeps = [
+    "next-auth",
+    "@auth/core",
+    "@clerk/nextjs",
+    "@supabase/auth-helpers-nextjs",
+    "@supabase/supabase-js",
+    "firebase",
+    "lucia",
+  ];
+
+  if (authDeps.some((d) => deps[d])) return true;
+
+  // 2) Source scan for common auth identifiers
+  const scanDirs = ["src", "app", "pages", "components", "lib", "utils"]
+    .map((d) => path.join(rootDir, d))
+    .filter((d) => fs.existsSync(d));
+
+  const patterns = [
+    "next-auth",
+    "getServerSession",
+    "useSession",
+    "SessionProvider",
+    "@clerk/nextjs",
+    "ClerkProvider",
+    "auth()",
+    "currentUser",
+    "createServerClient",
+  ];
+
+  for (const dir of scanDirs) {
+    const files = glob.sync(`${normalizeSlashes(dir)}/**/*.{js,ts,jsx,tsx}`, {
+      ignore: [
+        "**/node_modules/**",
+        "**/dist/**",
+        "**/build/**",
+        "**/.next/**",
+        "**/coverage/**",
+      ],
+    });
+
+    for (const f of files) {
+      try {
+        const content = fs.readFileSync(f, "utf8");
+        if (patterns.some((p) => content.includes(p))) return true;
+      } catch {
+        // ignore read errors
+      }
+    }
+  }
+
+  return false;
+}
+
+// -------------------------
+// Frontend API call analyzer (your code)
+// -------------------------
 function toTitleCase(str) {
-  if (!str) return 'Default';
+  if (!str) return "Default";
   return String(str)
-    .replace(/[-_]+(\w)/g, (_, c) => c.toUpperCase()) // kebab/snake to camel
-    .replace(/^\w/, c => c.toUpperCase())
-    .replace(/[^a-zA-Z0-9]/g, '');
+    .replace(/[-_]+(\w)/g, (_, c) => c.toUpperCase())
+    .replace(/^\w/, (c) => c.toUpperCase())
+    .replace(/[^a-zA-Z0-9]/g, "");
 }
 
 function normalizeRouteForBackend(urlValue) {
-  // Convert template placeholders {id} -> :id
-  return urlValue.replace(/\{(\w+)\}/g, ':$1');
+  return urlValue.replace(/\{(\w+)\}/g, ":$1");
 }
 
 function inferTypeFromNode(node) {
-  if (!node) return 'String';
+  if (!node) return "String";
   switch (node.type) {
-    case 'StringLiteral': return 'String';
-    case 'NumericLiteral': return 'Number';
-    case 'BooleanLiteral': return 'Boolean';
-    case 'NullLiteral': return 'String';
-    default: return 'String';
+    case "StringLiteral":
+      return "String";
+    case "NumericLiteral":
+      return "Number";
+    case "BooleanLiteral":
+      return "Boolean";
+    case "NullLiteral":
+      return "String";
+    default:
+      return "String";
   }
 }
 
 function extractObjectSchema(objExpr) {
   const schemaFields = {};
-  if (!objExpr || objExpr.type !== 'ObjectExpression') return null;
+  if (!objExpr || objExpr.type !== "ObjectExpression") return null;
 
   for (const prop of objExpr.properties) {
-    if (prop.type !== 'ObjectProperty') continue;
+    if (prop.type !== "ObjectProperty") continue;
 
     const key =
-      prop.key.type === 'Identifier' ? prop.key.name :
-      prop.key.type === 'StringLiteral' ? prop.key.value :
-      null;
+      prop.key.type === "Identifier"
+        ? prop.key.name
+        : prop.key.type === "StringLiteral"
+          ? prop.key.value
+          : null;
 
     if (!key) continue;
-
     schemaFields[key] = inferTypeFromNode(prop.value);
   }
   return schemaFields;
 }
 
-/**
- * Try to resolve Identifier -> its init value if it's const payload = {...}
- */
-function resolveIdentifierToInit(path, identifierName) {
+function resolveIdentifierToInit(pathObj, identifierName) {
   try {
-    const binding = path.scope.getBinding(identifierName);
+    const binding = pathObj.scope.getBinding(identifierName);
     if (!binding) return null;
-    const declPath = binding.path; // VariableDeclarator path usually
+    const declPath = binding.path;
     if (!declPath || !declPath.node) return null;
 
-    // VariableDeclarator: id = init
-    if (declPath.node.type === 'VariableDeclarator') {
-      return declPath.node.init || null;
-    }
+    if (declPath.node.type === "VariableDeclarator") return declPath.node.init || null;
     return null;
   } catch {
     return null;
@@ -72,18 +153,17 @@ function resolveIdentifierToInit(path, identifierName) {
 function getUrlValue(urlNode) {
   if (!urlNode) return null;
 
-  if (urlNode.type === 'StringLiteral') return urlNode.value;
+  if (urlNode.type === "StringLiteral") return urlNode.value;
 
-  if (urlNode.type === 'TemplateLiteral') {
-    // `/api/users/${id}` -> `/api/users/{id}`
+  if (urlNode.type === "TemplateLiteral") {
     const quasis = urlNode.quasis || [];
     const exprs = urlNode.expressions || [];
-    let out = '';
+    let out = "";
     for (let i = 0; i < quasis.length; i++) {
       out += quasis[i].value.raw;
       if (exprs[i]) {
-        if (exprs[i].type === 'Identifier') out += `{${exprs[i].name}}`;
-        else out += `{param}`;
+        if (exprs[i].type === "Identifier") out += `{${exprs[i].name}}`;
+        else out += `{param${i + 1}}`;
       }
     }
     return out;
@@ -92,58 +172,95 @@ function getUrlValue(urlNode) {
   return null;
 }
 
+function extractApiPath(urlValue) {
+  if (!urlValue) return null;
+  const idx = urlValue.indexOf("/api/");
+  if (idx === -1) return null;
+  return urlValue.slice(idx);
+}
+
 function deriveControllerNameFromUrl(urlValue) {
-  // supports: /api/users, /api/v1/users, /api/admin/users
-  const parts = urlValue.split('/').filter(Boolean); // ["api","v1","users"]
-  const apiIndex = parts.indexOf('api');
-  const seg = (apiIndex >= 0 && parts.length > apiIndex + 1)
-    ? parts[apiIndex + 1]
-    : parts[0];
+  const apiPath = extractApiPath(urlValue) || urlValue;
+  const parts = String(apiPath).split("/").filter(Boolean);
+  const apiIndex = parts.indexOf("api");
+
+  let seg = null;
+
+  if (apiIndex >= 0) {
+    seg = parts[apiIndex + 1] || null;
+    if (seg && /^v\d+$/i.test(seg)) {
+      seg = parts[apiIndex + 2] || seg;
+    }
+  } else {
+    seg = parts[0] || null;
+  }
 
   return toTitleCase(seg);
 }
 
 function deriveActionName(method, route) {
-  // method + last segment heuristic
-  const cleaned = route.replace(/^\/api\//, '/').replace(/[/:{}-]/g, ' ');
-  const last = cleaned.trim().split(/\s+/).filter(Boolean).pop() || 'Action';
-  return `${method.toLowerCase()}${toTitleCase(last)}`;
+  const cleaned = String(route).replace(/^\/api\//, "/").replace(/[/:{}-]/g, " ");
+  const last = cleaned.trim().split(/\s+/).filter(Boolean).pop() || "Action";
+  return `${String(method).toLowerCase()}${toTitleCase(last)}`;
 }
 
 function extractPathParams(route) {
   const params = [];
-  const re = /[:{]([a-zA-Z0-9_]+)[}]/g; // matches :id or {id}
+  const re = /[:{]([a-zA-Z0-9_]+)[}]/g;
   let m;
   while ((m = re.exec(route))) params.push(m[1]);
   return Array.from(new Set(params));
 }
 
 function extractQueryParamsFromUrl(urlValue) {
-  // if url has ?a=b&c=d as string literal
   try {
-    const qIndex = urlValue.indexOf('?');
+    const qIndex = urlValue.indexOf("?");
     if (qIndex === -1) return [];
     const qs = urlValue.slice(qIndex + 1);
-    return qs.split('&').map(p => p.split('=')[0]).filter(Boolean);
+    return qs
+      .split("&")
+      .map((p) => p.split("=")[0])
+      .filter(Boolean);
   } catch {
     return [];
   }
 }
 
+function detectAxiosLikeMethod(node) {
+  if (!node.callee || node.callee.type !== "MemberExpression") return null;
+
+  const prop = node.callee.property;
+  if (!prop || prop.type !== "Identifier") return null;
+
+  const name = prop.name.toLowerCase();
+  if (!HTTP_METHODS.has(name)) return null;
+
+  return name.toUpperCase();
+}
+
 async function analyzeFrontend(srcPath) {
+  if (!srcPath) throw new Error("analyzeFrontend: srcPath is required");
   if (!fs.existsSync(srcPath)) {
     throw new Error(`The source directory '${srcPath}' does not exist.`);
   }
 
-  const files = await glob(`${srcPath}/**/*.{js,ts,jsx,tsx}`, { ignore: ['**/node_modules/**', '**/dist/**', '**/build/**'] });
+  const files = await glob(`${normalizeSlashes(srcPath)}/**/*.{js,ts,jsx,tsx}`, {
+    ignore: ["**/node_modules/**", "**/dist/**", "**/build/**", "**/.next/**", "**/coverage/**"],
+  });
+
   const endpoints = new Map();
 
   for (const file of files) {
-    const code = await fs.readFile(file, 'utf-8');
+    let code;
+    try {
+      code = await fs.readFile(file, "utf-8");
+    } catch {
+      continue;
+    }
 
     let ast;
     try {
-      ast = parser.parse(code, { sourceType: 'module', plugins: ['jsx', 'typescript'] });
+      ast = parser.parse(code, { sourceType: "module", plugins: ["jsx", "typescript"] });
     } catch {
       continue;
     }
@@ -152,88 +269,98 @@ async function analyzeFrontend(srcPath) {
       CallExpression(callPath) {
         const node = callPath.node;
 
-        // --- Detect fetch(url, options) ---
-        const isFetch = node.callee.type === 'Identifier' && node.callee.name === 'fetch';
-
-        // --- Detect axios.<method>(url, data?, config?) ---
-        const isAxiosMethod =
-          node.callee.type === 'MemberExpression' &&
-          node.callee.object.type === 'Identifier' &&
-          node.callee.object.name === 'axios' &&
-          node.callee.property.type === 'Identifier';
+        const isFetch = node.callee.type === "Identifier" && node.callee.name === "fetch";
+        const axiosMethod = detectAxiosLikeMethod(node);
 
-        if (!isFetch && !isAxiosMethod) return;
+        if (!isFetch && !axiosMethod) return;
 
         let urlValue = null;
-        let method = 'GET';
+        let method = "GET";
         let schemaFields = null;
 
         if (isFetch) {
           urlValue = getUrlValue(node.arguments[0]);
           const optionsNode = node.arguments[1];
 
-          if (optionsNode && optionsNode.type === 'ObjectExpression') {
-            const methodProp = optionsNode.properties.find(p => p.type === 'ObjectProperty' && p.key.type === 'Identifier' && p.key.name === 'method');
-            if (methodProp && methodProp.value.type === 'StringLiteral') method = methodProp.value.value.toUpperCase();
-
-            const bodyProp = optionsNode.properties.find(p => p.type === 'ObjectProperty' && p.key.type === 'Identifier' && p.key.name === 'body');
-
-            if (bodyProp) {
-              // body: JSON.stringify(objOrVar)
-              const v = bodyProp.value;
-
-              if (v.type === 'CallExpression' && v.callee.type === 'MemberExpression' &&
-                v.callee.object.type === 'Identifier' && v.callee.object.name === 'JSON' &&
-                v.callee.property.type === 'Identifier' && v.callee.property.name === 'stringify'
-              ) {
-                const arg0 = v.arguments[0];
+          if (optionsNode && optionsNode.type === "ObjectExpression") {
+            const methodProp = optionsNode.properties.find(
+              (p) =>
+                p.type === "ObjectProperty" &&
+                p.key.type === "Identifier" &&
+                p.key.name === "method"
+            );
+            if (methodProp && methodProp.value.type === "StringLiteral") {
+              method = methodProp.value.value.toUpperCase();
+            }
 
-                if (arg0?.type === 'ObjectExpression') {
-                  schemaFields = extractObjectSchema(arg0);
-                } else if (arg0?.type === 'Identifier') {
-                  const init = resolveIdentifierToInit(callPath, arg0.name);
-                  if (init?.type === 'ObjectExpression') schemaFields = extractObjectSchema(init);
+            if (["POST", "PUT", "PATCH"].includes(method)) {
+              const bodyProp = optionsNode.properties.find(
+                (p) =>
+                  p.type === "ObjectProperty" &&
+                  p.key.type === "Identifier" &&
+                  p.key.name === "body"
+              );
+
+              if (bodyProp) {
+                const v = bodyProp.value;
+
+                if (
+                  v.type === "CallExpression" &&
+                  v.callee.type === "MemberExpression" &&
+                  v.callee.object.type === "Identifier" &&
+                  v.callee.object.name === "JSON" &&
+                  v.callee.property.type === "Identifier" &&
+                  v.callee.property.name === "stringify"
+                ) {
+                  const arg0 = v.arguments[0];
+
+                  if (arg0?.type === "ObjectExpression") {
+                    schemaFields = extractObjectSchema(arg0);
+                  } else if (arg0?.type === "Identifier") {
+                    const init = resolveIdentifierToInit(callPath, arg0.name);
+                    if (init?.type === "ObjectExpression") schemaFields = extractObjectSchema(init);
+                  }
                 }
               }
             }
           }
         }
 
-        if (isAxiosMethod) {
-          method = node.callee.property.name.toUpperCase();
+        if (axiosMethod) {
+          method = axiosMethod;
           urlValue = getUrlValue(node.arguments[0]);
 
-          // axios.post(url, data)
-          if (['POST', 'PUT', 'PATCH'].includes(method)) {
+          if (["POST", "PUT", "PATCH"].includes(method)) {
             const dataArg = node.arguments[1];
-            if (dataArg?.type === 'ObjectExpression') {
+            if (dataArg?.type === "ObjectExpression") {
               schemaFields = extractObjectSchema(dataArg);
-            } else if (dataArg?.type === 'Identifier') {
+            } else if (dataArg?.type === "Identifier") {
               const init = resolveIdentifierToInit(callPath, dataArg.name);
-              if (init?.type === 'ObjectExpression') schemaFields = extractObjectSchema(init);
+              if (init?.type === "ObjectExpression") schemaFields = extractObjectSchema(init);
             }
           }
         }
 
-        if (!urlValue || !urlValue.startsWith('/api/')) return;
+        const apiPath = extractApiPath(urlValue);
+        if (!apiPath) return;
 
-        const route = normalizeRouteForBackend(urlValue.split('?')[0]); // drop query string
-        const controllerName = deriveControllerNameFromUrl(urlValue);
+        const route = normalizeRouteForBackend(apiPath.split("?")[0]);
+        const controllerName = deriveControllerNameFromUrl(apiPath);
         const actionName = deriveActionName(method, route);
 
         const key = `${method}:${route}`;
         if (!endpoints.has(key)) {
           endpoints.set(key, {
-            path: urlValue,
-            route,              // normalized for backend: /api/users/:id
+            path: apiPath,
+            route,
             method,
             controllerName,
             actionName,
             pathParams: extractPathParams(route),
-            queryParams: extractQueryParamsFromUrl(urlValue),
-            schemaFields,       // backward compat (your generators use this)
+            queryParams: extractQueryParamsFromUrl(apiPath),
+            schemaFields,
             requestBody: schemaFields ? { fields: schemaFields } : null,
-            sourceFile: file
+            sourceFile: normalizeSlashes(file),
           });
         }
       },
@@ -243,4 +370,21 @@ async function analyzeFrontend(srcPath) {
   return Array.from(endpoints.values());
 }
 
-module.exports = { analyzeFrontend };
+// -------------------------
+// Main analyze() exported for CLI
+// -------------------------
+function analyze(projectRoot = process.cwd()) {
+  const rootDir = path.resolve(projectRoot);
+
+  return {
+    rootDir: normalizeSlashes(rootDir),
+    hasAuth: findAuthUsageInRepo(rootDir),
+    // If CLI expects addAuth directly, keep both:
+    addAuth: findAuthUsageInRepo(rootDir),
+  };
+}
+
+module.exports = {
+  analyze,
+  analyzeFrontend,
+};

package/src/templates/node-ts-express/partials/App.test.ts.ejs

@@ -2,7 +2,8 @@
 import request from 'supertest';
 import express from 'express';
 
-import apiRoutes from '../routes'; 
+import apiRoutes from '../routes';
+
 <% if (addAuth) { -%>
 import authRoutes from '../routes/Auth.routes';
 <% } -%>
@@ -13,6 +14,7 @@ app.use(express.json());
 <% if (addAuth) { -%>
 app.use('/api/auth', authRoutes);
 <% } -%>
+
 app.use('/api', apiRoutes);
 
 describe('API Endpoints (Generated)', () => {
@@ -22,14 +24,35 @@ describe('API Endpoints (Generated)', () => {
 
   <% endpoints
       .filter(ep => ep && ep.route && ep.method)
-      .forEach(ep => { 
-        const method = ep.method.toLowerCase();
-        const url = (ep.route.startsWith('/api/') ? ep.route.replace(/^\/api/, '') : ep.route)
-          .replace(/:\w+/g, '1'); // replace path params with dummy value
+      .forEach(ep => {
+        const method = String(ep.method).toLowerCase();
+
+        // ep.route might be "/api/..." or "/..."
+        const url = (String(ep.route).startsWith('/api/')
+          ? String(ep.route).replace(/^\/api/, '')
+          : String(ep.route)
+        )
+          // replace ":id" style params with dummy value
+          .replace(/:\w+/g, '1');
   -%>
   it('<%= ep.method %> <%= url %> should respond', async () => {
-    const res = await request(app).<%= method %>('<%= '/api' + url %>')<% if (['post','put','patch'].includes(method) && ep.schemaFields) { %>
-      .send(<%- JSON.stringify(Object.fromEntries(Object.entries(ep.schemaFields).map(([k,t]) => [k, t === 'Number' ? 1 : (t === 'Boolean' ? true : 'test') ]))) %>)<% } %>;
+    const req = request(app).<%= method %>('<%= '/api' + url %>');
+
+    <% if (['post','put','patch'].includes(method) && ep.schemaFields) { -%>
+    req.send(
+      <%- JSON.stringify(
+        Object.fromEntries(
+          Object.entries(ep.schemaFields).map(([k, t]) => [
+            k,
+            t === 'Number' ? 1 : (t === 'Boolean' ? true : 'test')
+          ])
+        )
+      ) %>
+    );
+    <% } -%>
+
+    const res = await req;
+
     // We only assert "not 404" because generated handlers may be TODO stubs,
     // and auth/validation may affect exact status codes.
     expect(res.statusCode).not.toBe(404);